Check and fix shellshock vulnerability in bash/debian

Bash shell has a serious vulnerability that can be exploited by
an remote attacker in some cases.

To check if you are using bash can be done with entering the following at the shell:
echo $0
or
echo $SHELL

If it prints bash, then you are using bash.

Debian Wheezy is using dash by default since version 6.10, so it should not be vulnerable.

If your version of bash is vulnerable can be tested by entering the following in bash:
env X='() { (a)=>\' bash -c "echo echo vuln"; [[ "$(cat echo)" == "vuln" ]] && echo "still vulnerable :("

If it echos "still vulnerable:(", then your bash is vulnerable and not fixed yet.
The script creates a file named echo in the current directory. Delete this file after
each test to get correct results.

For debian wheezy, the latest bash version is fixed in the repository. You can get it with:
apt-get update
apt-get install bash

Run the test again after the installation, to be sure you got the correct version.
It should not print the "vulnerable" line.

For debian squeeze, there is also a fix, but as far as I know only in the squeeze-lts repository. This has to be added in your /etc/apt/sources.list file:

deb http://http.debian.net/debian/ squeeze-lts main contrib non-free
deb-src http://http.debian.net/debian/ squeeze-lts main contrib non-free

After modification of the file, the procedure is the same as for wheezy.

Be prepared that this only works for i386 and amd64 platforms. On arm for example,
you should update to wheezy to get the patch.

Another option would possibly to compile bash for yourself, if desired...